JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 1.94.115.238

1.94.115.238 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 100%: ?

100%

ISP	Beijing Teletron Telecom Engineering Co., Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS55990
Hostname(s)	ecs-1-94-115-238.compute.hwclouds-dns.com
Domain Name	drpeng.com.cn
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 1.94.115.238

Whois 1.94.115.238

IP Abuse Reports for 1.94.115.238:

This IP address has been reported a total of 22 times from 20 distinct sources. 1.94.115.238 was first reported on June 12th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 bigscoots.com	2026-06-14 04:19:53 (1 hour ago)	1.94.115.238 (CN/China/ecs-1-94-115-238.compute.hwclouds-dns.com), 5 distributed sshd attacks on acc ... show more 1.94.115.238 (CN/China/ecs-1-94-115-238.compute.hwclouds-dns.com), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 13 23:16:17 13577 sshd[5654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.231.51.54 user=root Jun 13 23:16:19 13577 sshd[5654]: Failed password for root from 90.231.51.54 port 53913 ssh2 Jun 13 23:14:36 13577 sshd[4657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.94.115.238 user=root Jun 13 23:14:38 13577 sshd[4657]: Failed password for root from 1.94.115.238 port 41516 ssh2 Jun 13 23:19:42 13577 sshd[7384]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.231.51.54 user=root IP Addresses Blocked: 90.231.51.54 (SE/Sweden/90-231-51-54-no600.tbcn.telia.com) show less	Brute-Force SSH
🇪🇸 yvoictra	2026-06-14 01:28:58 (4 hours ago)	2026-06-14T03:28:57.760248+02:00 medusa sshd-session[385563]: Invalid user david from 1.94.115.238 p ... show more 2026-06-14T03:28:57.760248+02:00 medusa sshd-session[385563]: Invalid user david from 1.94.115.238 port 58340 ... show less	Brute-Force SSH
🇫🇮 Xargana	2026-06-14 01:15:50 (5 hours ago)	[sshd] \| 2026-06-14T03:05:46.753554+02:00 xargana.tr sshd[1215736]: Failed password for invalid user ... show more [sshd] \| 2026-06-14T03:05:46.753554+02:00 xargana.tr sshd[1215736]: Failed password for invalid user premiere from 1.94.115.238 port 37256 ssh2 show less	Brute-Force SSH
🇩🇪 Lazentis	2026-06-14 00:44:04 (5 hours ago)	Unauthorized access attempt to port 22 (tcp)	Brute-Force SSH
🇩🇪 Autobusero	2026-06-13 21:31:39 (8 hours ago)	Unauthorized connection attempt detected, SSH Brute-Force	Brute-Force SSH
🇬🇧 Cheddar	2026-06-13 20:41:57 (9 hours ago)	2026-06-13T20:41:54.088787+00:00 ip-172-31-32-95 sshd[2105686]: Invalid user testuser from 1.94.115. ... show more 2026-06-13T20:41:54.088787+00:00 ip-172-31-32-95 sshd[2105686]: Invalid user testuser from 1.94.115.238 port 38776 2026-06-13T20:41:54.091581+00:00 ip-172-31-32-95 sshd[2105686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.94.115.238 2026-06-13T20:41:56.670582+00:00 ip-172-31-32-95 sshd[2105686]: Failed password for invalid user testuser from 1.94.115.238 port 38776 ssh2 ... show less	Brute-Force SSH
🇩🇪 anycast_ac	2026-06-13 20:19:56 (9 hours ago)	[mirai-detector honeypot] Inbound attack against our honeypot on tcp/2222 (ssh). Family fingerprint: ... show more [mirai-detector honeypot] Inbound attack against our honeypot on tcp/2222 (ssh). Family fingerprint: ssh-bruteforce Commands captured: $ SSH-2.0-libssh_0.9.6 show less	DDoS Attack
🇩🇪 ipcop.net	2026-06-13 19:58:17 (10 hours ago)	2026-06-13T21:48:31.422984+02:00 router01.peter-barth.de sshd-session[1369344]: Disconnected from in ... show more 2026-06-13T21:48:31.422984+02:00 router01.peter-barth.de sshd-session[1369344]: Disconnected from invalid user developer 1.94.115.238 port 51124 [preauth] 2026-06-13T21:50:34.305741+02:00 router01.peter-barth.de sshd-session[1369631]: Disconnected from authenticating user root 1.94.115.238 port 43208 [preauth] 2026-06-13T21:56:22.813317+02:00 router01.peter-barth.de sshd-session[1370479]: error: kex_exchange_identification: read: Connection reset by peer 2026-06-13T21:56:22.813364+02:00 router01.peter-barth.de sshd-session[1370479]: Connection reset by 1.94.115.238 port 60394 2026-06-13T21:58:15.782244+02:00 router01.peter-barth.de sshd-session[1370756]: Invalid user zhaomin from 1.94.115.238 port 33352 show less	Brute-Force
🇺🇸 bigscoots.com	2026-06-13 19:48:19 (10 hours ago)	(sshd) Failed SSH login from 1.94.115.238 (CN/China/ecs-1-94-115-238.compute.hwclouds-dns.com): 5 in ... show more (sshd) Failed SSH login from 1.94.115.238 (CN/China/ecs-1-94-115-238.compute.hwclouds-dns.com): 5 in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_SSHD; Logs: Jun 13 14:01:09 14592 sshd[20805]: Invalid user tmp from 1.94.115.238 port 42114 Jun 13 14:01:11 14592 sshd[20805]: Failed password for invalid user tmp from 1.94.115.238 port 42114 ssh2 Jun 13 14:29:59 14592 sshd[3603]: Invalid user dummy from 1.94.115.238 port 46958 Jun 13 14:30:02 14592 sshd[3603]: Failed password for invalid user dummy from 1.94.115.238 port 46958 ssh2 Jun 13 14:48:12 14592 sshd[13591]: Invalid user developer from 1.94.115.238 port 43546 show less	Brute-Force SSH
🇮🇹 alph44	2026-06-13 18:42:58 (11 hours ago)	SSH brute force attack detected: 5 failed attempts	Brute-Force
🇩🇪 formality	2026-06-13 16:52:45 (13 hours ago)	Invalid user test from 1.94.115.238 port 44094	Brute-Force SSH
🇫🇮 MindSolve	2026-06-13 16:40:34 (13 hours ago)	2026-06-13T18:11:14.678663+02:00 admin sshd[665630]: Invalid user global from 1.94.115.238 port 3584 ... show more 2026-06-13T18:11:14.678663+02:00 admin sshd[665630]: Invalid user global from 1.94.115.238 port 35842 2026-06-13T18:11:14.680888+02:00 admin sshd[665630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.94.115.238 2026-06-13T18:11:16.123635+02:00 admin sshd[665630]: Failed password for invalid user global from 1.94.115.238 port 35842 ssh2 2026-06-13T18:40:31.490296+02:00 admin sshd[676056]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.94.115.238 user=root 2026-06-13T18:40:33.804775+02:00 admin sshd[676056]: Failed password for root from 1.94.115.238 port 58728 ssh2 ... show less	Brute-Force SSH
🇩🇪 formality	2026-06-13 15:55:26 (14 hours ago)	Invalid user testwww from 1.94.115.238 port 48620	Brute-Force SSH
🇮🇳 92kmees	2026-06-13 13:06:21 (17 hours ago)	2026-06-13T13:06:20.107013+00:00 ktj-nc sshd[269060]: Invalid user apt from 1.94.115.238 port 34982 ... show more 2026-06-13T13:06:20.107013+00:00 ktj-nc sshd[269060]: Invalid user apt from 1.94.115.238 port 34982 2026-06-13T13:06:20.455253+00:00 ktj-nc sshd[269060]: Disconnected from invalid user apt 1.94.115.238 port 34982 [preauth] ... show less	Brute-Force SSH
🇩🇪 licen777	2026-06-13 08:48:58 (21 hours ago)	Cowrie Honeypot: 5 unauthorised SSH/Telnet login attempts between 2026-06-13T06:52:28Z and 2026-06-1 ... show more Cowrie Honeypot: 5 unauthorised SSH/Telnet login attempts between 2026-06-13T06:52:28Z and 2026-06-13T08:48:58Z show less	Brute-Force SSH

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇪 200.37.179.83

🇻🇪 200.11.241.106

🇺🇸 162.216.150.111

🇫🇮 147.185.133.44

🇸🇬 47.79.205.245

🇺🇸 40.124.175.184

🇧🇷 205.210.31.194

🇭🇰 199.45.154.186

🇲🇿 196.28.226.124

🇲🇽 187.191.48.23

🇮🇳 182.95.230.158

🇮🇳 182.76.107.16

🇦🇲 178.160.228.254

🇺🇸 162.216.150.149

🇺🇸 162.216.149.176

🇫🇮 147.185.133.22

🇺🇸 147.185.132.156

🇺🇸 104.194.9.81

🇫🇷 85.217.140.27

🇺🇸 65.49.1.135